Senate Passes Controversial Cybersecurity Bill

The Senate passed the Cybersecurity Information Sharing Act (CISA) Tuesday by an overwhelming vote of 74-21. The bill, which now goes to the House, would improve cybersecurity by enabling more rapid information sharing on emerging threats between the government and the private sector.

Lawmakers struck down five amendments to the bill that were designed to enhance privacy protections, including one offered by Sen. Ron Wyden, D-Ore., that would have forced private companies to remove personally identifiable information before sharing threat information with the government, as long as the personal data was not related to the specific threat investigation and would not hinder legitimate law enforcement actions if removed.

Although the bill establishes a framework for voluntary information sharing with the government through a single portal operated and managed by the Department of Homeland Security, many of the largest tech companies have joined forces with privacy advocates to voice their opposition to the bill. They argue that CISA, which was introduced by the Senate Select Committee on Intelligence in the wake of the state-sponsored cyber attack against Sony, would enable more government spying on data belonging to innocent Americans.

Even former NSA analyst Edward Snowden, who fled the U.S. after leaking thousands of pages of classified documents pertaining to NSA electronic intelligence programs, took to Twitter.

The bill now heads to the House, which passed its own version in April. But Rep. Michael McCaul, R-Texas, chairman of the House Committee on Homeland Security, expressed skepticism over the Senate version of CISA.

“My concern with the Senate bill is that it weakens the role of (the Department of Homeland Security) and that it elevates the role of the IC, the intelligence community, as the storefront, rather than the civilian agencies…being the storefront,” McCaul said at last week’s Kaspersky Government Cybersecurity Forum in Washington, D.C.

“I’m very concerned that an NSA-centric, rather than a DHS-centric bill, will have little or no hope of passing the House,” he said.